SlideShare una empresa de Scribd logo
1 de 32
Descargar para leer sin conexión
1
Vincent Vanbiervliet
Product Manager
Synchronized Security
Revolutionizing Advanced Threat Protection
2
What we’re going to cover
• What’s the problem?
• It’s time for a security revolution
• How it works
• Synchronized Security 2015-2016
• Your path to synchronized Security
33
What’s the problem?
4
Threat Landscape
5
Increasing attacks, increasing sophistication
Attack surface
exponentially larger
Laptops/Desktops
Phones/Tablets
Virtual servers/desktops
Cloud servers/storage
Threats more
sophisticated
Attacks are more
coordinated than defenses
6
Security industry 2D view
77
It’s time for a security
revolution
8
Generations of security
Point Products
Anti-virus
IPS
Firewall
Sandbox
Layers
Bundles
Suites
UTM
EMM
Synchronized Security
Security
Heartbeat™
9
Comprehensive protection
• Prevent Malware
• Detect Compromises
• Remediate Threats
• Investigate Issues
• Encrypt Data
MAC
ANDROID
WINDOWS
iOS
CORPORATE
DATA
WINDOWS
PHONE
LINUX
Synchronized Security
10
Integration at a different level
Synchronized Security Alternative
• System-level intelligence
• Automated correlation
• Faster decision-making
• Accelerated Threat Discovery
• Automated Incident Response
• Simple unified management
• Resource intensive
• Manual correlation
• Dependent upon human analysis
• Manual Threat/Incident response
• Extra products
• Endpoint/Network unaware of
each other
Management
Enduser Network
SIEM
Endpoint
Mgmt
NW Mgmt
Endpoint Network
11
Synchronized Security
Security must be comprehensive
The capabilities required to fully satisfy customer need
Security can be made simple
Platform, deployment, licensing, user experience
Security is more effective as a system
New possibilities through technology cooperation
Synchronized Security
Integrated, context-aware security where Enduser
and Network technology share meaningful
information to deliver better protection.
SOPHOS LABS
Sophos Cloud
Next Gen
Network Security
Next Gen
Enduser Security
heartbeat
1212
How it works
13
3 pillars of advanced threat protection
By device identification reduces
time taken to manually identify
infected or at risk device or host
by IP address alone
Compromised endpoints are
isolated by the firewall
automatically, while the
endpoint terminates and
removes malicious software.
Endpoint and network
protection combine to identify
unknown threats faster. Sophos
Security Heartbeat™ pulses real-
time information on suspicious
behaviors
Security Heartbeat™
Accelerated Threat
Discovery
Active Source
Identification
Automated Incident
Response
Faster, better decisions Quicker, easier
investigation Reduced threat impact
14
System Initialization
Registration
NGEP & NGFW register with Sophos Cloud which sends
certificate/sec info to both
Connection
Endpoints initiate connection to the trusted Firewall
Validation
Firewall and Endpoints check sec info sent to them by Cloud
to verify they are valid
SOPHOS LABS
Sophos Cloud
Next Gen
Network Security
Next Gen
Enduser Security
heartbeat
Support of multiple locations
Endpoints can establish connection to Firewalls
at any customer’s location as the Sophos Cloud registry
can be shared among all Galileo-enabled Firewalls
15
Accelerated Threat Discovery
Security Heartbeat
A few bytes of information are shared every 15
seconds from Endpoint to Network
Events
Upon discovery, security information like Malware,
PUA is shared between Endpoints and Network
Health
Endpoint sends Red, Yellow, Green health status to
Network
SOPHOS LABS
Sophos Cloud
Next Gen
Network Security
Next Gen
Enduser Security
heartbeat
VPN support
Galileo supports endpoints connected within the local
network as well as those connected via VPN as long as
they are connecting to the Firewall.
16
Active Source Identification
Security Heartbeat
Positively identifying the machine. Associating the IP
address with a particular Endpoint
Advanced Attack
If Network Firewall detects an advanced attack but
can’t determine source, it requests details from
endpoints
Source Identification
Endpoint sends details of machine name, user, process, and
IP address
SOPHOS LABS
Sophos Cloud
Next Gen
Network Security
Next Gen
Enduser Security
heartbeat
17
Automated Incident Response
Green
Endpoints have full access to internal applications and
data as well as internet
Yellow
Affected endpoints can be isolated from
internal/sensitive applications and data while
maintaining access to internet
Red
Affected endpoints are isolated from the network and have
no access to internal systems or external internet
SOPHOS LABS
Sophos Cloud
Next Gen
Network Security
Next Gen
Enduser Security
heartbeat
Defaults and customization
There are no default policies based on health status so
admins can customize responses as needed. We are
developing a best practices guide to assist customers in
recommended policy setup.
1818
Synchronized
Security 2015
19
Comprehensive Next-Gen Endpoint
SOPHOS SYSTEM
PROTECTOR
Application
Tracking
Threat
Engine
Application
Control
Reputation
Emulator
HIPS/
Runtime
Protection
Device
Control
Malicious
Traffic
Detection
Web
Protection
IoC
Collector
Live
Protection
Security
Heartbeat™
20
Comprehensive Next-Gen Network
SOPHOS FIREWALL
OPERATING SYSTEM
Web
Filtering
Intrusion
Prevention
System
Routing
Email
Security
Security
Heartbeat™
Selective
Sandbox
Application
Control
Data Loss
Prevention
ATP
Detection
Proxy
Threat
Engine
Firewall
21
SOPHOS SYSTEM
PROTECTOR
Sophos Cloud
Next Generation Threat Detection
heartbeat
SOPHOS FIREWALL
OPERATING SYSTEM
Application
Tracking
Threat
Engine
Application
Control
Reputation
Emulator
HIPS/
Runtime
Protection
Device
Control
Malicious
Traffic
Detection
Web
Protection
IoC
Collector
Live
Protection
Security
Heartbeat™
Web
Filtering
Intrusion
Prevention
System
Routing
Email
Security
Security
Heartbeat™
Selective
Sandbox
Application
Control
Data Loss
Prevention
ATP
Detection
Proxy
Threat
Engine
Isolate subnet and WAN access
Block/remove malware
Identify & clean other infected systems
User | System | File
Compromise
Firewall
2222
Synchronized
Security 2016
23
SOPHOS SYSTEM
PROTECTOR
Sophos Cloud
Improved Threat Detection
heartbeat
SOPHOS FIREWALL
OPERATING SYSTEM
Application
Tracking
Threat
Engine
Application
Control
Reputation
Emulator
HIPS/
Runtime
Protection
Device
Control
Malicious
Traffic
Detection
Web
Protection
IoC
Collector
Live
Protection
Security
Heartbeat™
Web
Filtering
Intrusion
Prevention
System
Routing
Email
Security
Security
Heartbeat™
Selective
Sandbox
Application
Control
Data Loss
Prevention
ATP
Detection
Proxy
Threat
Engine
Lockdown local network access
Remove file encryption keys
Terminate/remove malware
Identify & clean other infected
systems
User | System | File
Compromise
Firewall
24
SOPHOS SYSTEM
PROTECTOR
Sophos Cloud
Automated Protection of Endpoints
heartbeat
SOPHOS FIREWALL
OPERATING SYSTEM
Application
Tracking
Threat
Engine
Application
Control
Reputation
Emulator
HIPS/
Runtime
Protection
Device
Control
Malicious
Traffic
Detection
Web
Protection
IoC
Collector
Live
Protection
Security
Heartbeat™
Web
Filtering
Intrusion
Prevention
System
Routing
Email
Security
Security
Heartbeat™
Selective
Sandbox
Application
Control
Data Loss
Prevention
ATP
Detection
Proxy
Threat
Engine
Discover unmanaged Endpoints
Could it be managed?
Self-service portal setup
User authentication
Distribute security profile
Win | Mac | Mobile
Endpoint
Firewall
25
SOPHOS SYSTEM
PROTECTOR
Sophos Cloud
Detect and Remediate Compromises
heartbeat
SOPHOS FIREWALL
OPERATING SYSTEM
Application
Tracking
Threat
Engine
Application
Control
Reputation
Emulator
HIPS/
Runtime
Protection
Device
Control
Malicious
Traffic
Detection
Web
Protection
IoC
Collector
Live
Protection
Security
Heartbeat™
Web
Filtering
Intrusion
Prevention
System
Routing
Email
Security
Security
Heartbeat™
Selective
Sandbox
Application
Control
Data Loss
Prevention
ATP
Detection
Proxy
Threat
Engine
Identify compromise
Detect source
Assess impact
Block/remove malware
Identify & clean other infected
systems
User | System | File
Compromise
Firewall
2626
Your path to
Synchronized
Security
27
NEXT-GEN
ENDUSER SECURITY
NEXT-GEN
NETWORK SECURITY
SOPHOS UTM
• NETWORK PROTECTION
MODULE
SOPHOS CLOUD ENDPOINT
• CLOUD ENDUSER
PROTECTION
• CLOUD ENDPOINT
ADVANCED
Endpoint and Network working together
• FULLGUARD LICENSE
• TOTALPROTECT BUNDLE
NEXT-GEN FIREWALL
• NETWORK PROTECTION
MODULE
• NEXT-GENGUARD
LICENSE
• NEXT-GENPROTECT
BUNDLE
28
Already using Sophos
* Cloud Endpoint requires Sophos Cloud Endpoint Protection Advanced or Sophos Cloud Enduser Protection subscriptions
3030
Conclusion
31
The Synchronized Security difference
Sophos Competition
Synchronized Security Point Products
Simple Complex
Comprehensive Incomplete
Prevention, Detection, Investigation,
Remediation, Encryption
Prevention
Enduser, Network, Server, Mobile,
Web, Email, Encryption
Endpoint or Network
Automated Manual
Block the known, unknown,
advanced, coordinated attacks
Partial Prevention
32
Revolutionizing advanced threat protection
Synchronized Security
Accelerated Threat
Discovery
Positive Source
Identification
Automated Incident
Response
Faster, better decisions
Quicker, easier
investigation
Reduced threat impact
33© Sophos Ltd. All rights reserved.

Más contenido relacionado

La actualidad más candente

Endpoint Security Evasion
Endpoint Security EvasionEndpoint Security Evasion
Endpoint Security EvasionInvincea, Inc.
 
2013 Security Threat Report Presentation
2013 Security Threat Report Presentation2013 Security Threat Report Presentation
2013 Security Threat Report PresentationSophos
 
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?Sophos Benelux
 
Sophos Security Day Belgium - The Hidden Gems of Sophos
Sophos Security Day Belgium - The Hidden Gems of SophosSophos Security Day Belgium - The Hidden Gems of Sophos
Sophos Security Day Belgium - The Hidden Gems of SophosSophos Benelux
 
Sophos utm-roadshow-south africa-2012
Sophos utm-roadshow-south africa-2012Sophos utm-roadshow-south africa-2012
Sophos utm-roadshow-south africa-2012dvanwyk30
 
Preparing Your School for BYOD with Sophos UTM Wireless Protection
Preparing Your School for BYOD with Sophos UTM Wireless ProtectionPreparing Your School for BYOD with Sophos UTM Wireless Protection
Preparing Your School for BYOD with Sophos UTM Wireless ProtectionSophos
 
4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint SettingsSophos
 
Complete Endpoint protection
Complete Endpoint protectionComplete Endpoint protection
Complete Endpoint protectionxband
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Sophos Benelux
 
Sophos Cloud - breaking the stereotypes
Sophos Cloud - breaking the stereotypesSophos Cloud - breaking the stereotypes
Sophos Cloud - breaking the stereotypesSophos Benelux
 
Panda Security - Endpoint Protection
Panda Security - Endpoint ProtectionPanda Security - Endpoint Protection
Panda Security - Endpoint ProtectionPanda Security
 
SOPHOS presentation used during the SWITCHPOINT NV/SA Quarterly Experience Da...
SOPHOS presentation used during the SWITCHPOINT NV/SA Quarterly Experience Da...SOPHOS presentation used during the SWITCHPOINT NV/SA Quarterly Experience Da...
SOPHOS presentation used during the SWITCHPOINT NV/SA Quarterly Experience Da...SWITCHPOINT NV/SA
 
Symantec Endpoint Protection 12
Symantec Endpoint Protection 12Symantec Endpoint Protection 12
Symantec Endpoint Protection 12Andrew Ryan
 
Data Center Server security
Data Center Server securityData Center Server security
Data Center Server securityxband
 
FireEye - Breaches are inevitable, but the outcome is not
FireEye - Breaches are inevitable, but the outcome is not FireEye - Breaches are inevitable, but the outcome is not
FireEye - Breaches are inevitable, but the outcome is not MarketingArrowECS_CZ
 

La actualidad más candente (19)

XG Firewall
XG FirewallXG Firewall
XG Firewall
 
Endpoint Security Evasion
Endpoint Security EvasionEndpoint Security Evasion
Endpoint Security Evasion
 
2013 Security Threat Report Presentation
2013 Security Threat Report Presentation2013 Security Threat Report Presentation
2013 Security Threat Report Presentation
 
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
 
Sophos Security Day Belgium - The Hidden Gems of Sophos
Sophos Security Day Belgium - The Hidden Gems of SophosSophos Security Day Belgium - The Hidden Gems of Sophos
Sophos Security Day Belgium - The Hidden Gems of Sophos
 
Sophos utm-roadshow-south africa-2012
Sophos utm-roadshow-south africa-2012Sophos utm-roadshow-south africa-2012
Sophos utm-roadshow-south africa-2012
 
Preparing Your School for BYOD with Sophos UTM Wireless Protection
Preparing Your School for BYOD with Sophos UTM Wireless ProtectionPreparing Your School for BYOD with Sophos UTM Wireless Protection
Preparing Your School for BYOD with Sophos UTM Wireless Protection
 
4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings
 
Complete Endpoint protection
Complete Endpoint protectionComplete Endpoint protection
Complete Endpoint protection
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014
 
Sophos Cloud - breaking the stereotypes
Sophos Cloud - breaking the stereotypesSophos Cloud - breaking the stereotypes
Sophos Cloud - breaking the stereotypes
 
Panda Security - Endpoint Protection
Panda Security - Endpoint ProtectionPanda Security - Endpoint Protection
Panda Security - Endpoint Protection
 
ESET on cybersecurity.
ESET on cybersecurity.ESET on cybersecurity.
ESET on cybersecurity.
 
SOPHOS presentation used during the SWITCHPOINT NV/SA Quarterly Experience Da...
SOPHOS presentation used during the SWITCHPOINT NV/SA Quarterly Experience Da...SOPHOS presentation used during the SWITCHPOINT NV/SA Quarterly Experience Da...
SOPHOS presentation used during the SWITCHPOINT NV/SA Quarterly Experience Da...
 
Symantec Endpoint Protection 12
Symantec Endpoint Protection 12Symantec Endpoint Protection 12
Symantec Endpoint Protection 12
 
FireEye
FireEyeFireEye
FireEye
 
Data Center Server security
Data Center Server securityData Center Server security
Data Center Server security
 
FireEye - Breaches are inevitable, but the outcome is not
FireEye - Breaches are inevitable, but the outcome is not FireEye - Breaches are inevitable, but the outcome is not
FireEye - Breaches are inevitable, but the outcome is not
 
FireEye Engineering
FireEye Engineering FireEye Engineering
FireEye Engineering
 

Destacado

Sophos EndUser Protection
Sophos EndUser ProtectionSophos EndUser Protection
Sophos EndUser ProtectionSophos
 
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)Sophos Benelux
 
Sophos Wireless Protection Overview
Sophos Wireless Protection OverviewSophos Wireless Protection Overview
Sophos Wireless Protection OverviewSophos
 
AWS Enterprise Summit London 2015 | Sophos - Using AWS to Transform Security
AWS Enterprise Summit London 2015 | Sophos - Using AWS to Transform SecurityAWS Enterprise Summit London 2015 | Sophos - Using AWS to Transform Security
AWS Enterprise Summit London 2015 | Sophos - Using AWS to Transform SecurityAmazon Web Services
 
shah-meet-cloud-certified-engineer[6] copy
shah-meet-cloud-certified-engineer[6] copyshah-meet-cloud-certified-engineer[6] copy
shah-meet-cloud-certified-engineer[6] copyMeet Shah
 
Taking the battle to Ransomware with Sophos Intercept X
Taking the battle to Ransomware with Sophos Intercept XTaking the battle to Ransomware with Sophos Intercept X
Taking the battle to Ransomware with Sophos Intercept XSophos Benelux
 
Introducing New Kaspersky Endpoint Security for Business - ENGLISH
Introducing New Kaspersky Endpoint Security for Business - ENGLISHIntroducing New Kaspersky Endpoint Security for Business - ENGLISH
Introducing New Kaspersky Endpoint Security for Business - ENGLISHKirill Kertsenbaum
 
Your Money or Your File! Highway Robbery with Blackhole and Ransomware
Your Money or Your File! Highway Robbery with Blackhole and RansomwareYour Money or Your File! Highway Robbery with Blackhole and Ransomware
Your Money or Your File! Highway Robbery with Blackhole and RansomwareSophos
 
Kaspersky endpoint security business presentation
Kaspersky endpoint security business presentationKaspersky endpoint security business presentation
Kaspersky endpoint security business presentationData Unit
 
Benefits of web application firewalls
Benefits of web application firewallsBenefits of web application firewalls
Benefits of web application firewallsEnclaveSecurity
 
Endpoint Protection
Endpoint ProtectionEndpoint Protection
Endpoint ProtectionSophos
 
Anatomy of an Attack - Sophos Day Belux 2014
Anatomy of an Attack - Sophos Day Belux 2014Anatomy of an Attack - Sophos Day Belux 2014
Anatomy of an Attack - Sophos Day Belux 2014Sophos Benelux
 
Digital Trust - Tech Vision 2016 Trend 5
Digital Trust - Tech Vision 2016 Trend 5Digital Trust - Tech Vision 2016 Trend 5
Digital Trust - Tech Vision 2016 Trend 5Accenture Technology
 

Destacado (20)

Sophos EndUser Protection
Sophos EndUser ProtectionSophos EndUser Protection
Sophos EndUser Protection
 
Intercept X - Sophos Endpoint
Intercept X - Sophos EndpointIntercept X - Sophos Endpoint
Intercept X - Sophos Endpoint
 
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)
 
Sophos Wireless Protection Overview
Sophos Wireless Protection OverviewSophos Wireless Protection Overview
Sophos Wireless Protection Overview
 
AWS Enterprise Summit London 2015 | Sophos - Using AWS to Transform Security
AWS Enterprise Summit London 2015 | Sophos - Using AWS to Transform SecurityAWS Enterprise Summit London 2015 | Sophos - Using AWS to Transform Security
AWS Enterprise Summit London 2015 | Sophos - Using AWS to Transform Security
 
shah-meet-cloud-certified-engineer[6] copy
shah-meet-cloud-certified-engineer[6] copyshah-meet-cloud-certified-engineer[6] copy
shah-meet-cloud-certified-engineer[6] copy
 
Sophos Cloud advanced
Sophos Cloud advancedSophos Cloud advanced
Sophos Cloud advanced
 
Manual Sophos
Manual SophosManual Sophos
Manual Sophos
 
Taking the battle to Ransomware with Sophos Intercept X
Taking the battle to Ransomware with Sophos Intercept XTaking the battle to Ransomware with Sophos Intercept X
Taking the battle to Ransomware with Sophos Intercept X
 
Introducing New Kaspersky Endpoint Security for Business - ENGLISH
Introducing New Kaspersky Endpoint Security for Business - ENGLISHIntroducing New Kaspersky Endpoint Security for Business - ENGLISH
Introducing New Kaspersky Endpoint Security for Business - ENGLISH
 
Sophos End User Protection
Sophos End User ProtectionSophos End User Protection
Sophos End User Protection
 
Your Money or Your File! Highway Robbery with Blackhole and Ransomware
Your Money or Your File! Highway Robbery with Blackhole and RansomwareYour Money or Your File! Highway Robbery with Blackhole and Ransomware
Your Money or Your File! Highway Robbery with Blackhole and Ransomware
 
Kaspersky
KasperskyKaspersky
Kaspersky
 
Sophos 2010
Sophos 2010 Sophos 2010
Sophos 2010
 
Kaspersky endpoint security business presentation
Kaspersky endpoint security business presentationKaspersky endpoint security business presentation
Kaspersky endpoint security business presentation
 
Benefits of web application firewalls
Benefits of web application firewallsBenefits of web application firewalls
Benefits of web application firewalls
 
Endpoint Protection
Endpoint ProtectionEndpoint Protection
Endpoint Protection
 
Anatomy of an Attack - Sophos Day Belux 2014
Anatomy of an Attack - Sophos Day Belux 2014Anatomy of an Attack - Sophos Day Belux 2014
Anatomy of an Attack - Sophos Day Belux 2014
 
Security Technology Vision 2016
Security Technology Vision 2016Security Technology Vision 2016
Security Technology Vision 2016
 
Digital Trust - Tech Vision 2016 Trend 5
Digital Trust - Tech Vision 2016 Trend 5Digital Trust - Tech Vision 2016 Trend 5
Digital Trust - Tech Vision 2016 Trend 5
 

Similar a What's cooking at Sophos - an introduction to Synchronized Security

Sophos synchronized security in action @Netpluz CS Event Nov 2017
Sophos synchronized security in action @Netpluz CS Event Nov 2017Sophos synchronized security in action @Netpluz CS Event Nov 2017
Sophos synchronized security in action @Netpluz CS Event Nov 2017Netpluz Asia Pte Ltd
 
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITYIDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITYForgeRock
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Cisco do Brasil
 
A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?MenloSecurity
 
Synchronized Security Presentation
Synchronized Security PresentationSynchronized Security Presentation
Synchronized Security PresentationGraham Prior
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 
MT17_Building Integrated and Secure Networks with limited IT Support
MT17_Building Integrated and Secure Networks with limited IT SupportMT17_Building Integrated and Secure Networks with limited IT Support
MT17_Building Integrated and Secure Networks with limited IT SupportDell EMC World
 
Endpoint Security Pres.pptx
Endpoint Security Pres.pptxEndpoint Security Pres.pptx
Endpoint Security Pres.pptxNBBNOC
 
How Endpoint Security works ?
How Endpoint Security works ?How Endpoint Security works ?
How Endpoint Security works ?William hendric
 
Presentatie McAfee: Optimale Endpoint Protection 26062015
Presentatie McAfee: Optimale Endpoint Protection 26062015Presentatie McAfee: Optimale Endpoint Protection 26062015
Presentatie McAfee: Optimale Endpoint Protection 26062015SLBdiensten
 
Top Tactics For Endpoint Security
Top Tactics For Endpoint SecurityTop Tactics For Endpoint Security
Top Tactics For Endpoint SecurityBen Rothke
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security PresentationSimplex
 
Redefining Endpoint Security
Redefining Endpoint SecurityRedefining Endpoint Security
Redefining Endpoint SecurityBurak DAYIOGLU
 
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...Chrysostomos Christofi
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfANJUMOHANANU
 
It's Your Move: The Changing Game of Endpoint Security
It's Your Move: The Changing Game of Endpoint SecurityIt's Your Move: The Changing Game of Endpoint Security
It's Your Move: The Changing Game of Endpoint SecurityLumension
 

Similar a What's cooking at Sophos - an introduction to Synchronized Security (20)

Partner Welcome Kit
Partner Welcome KitPartner Welcome Kit
Partner Welcome Kit
 
Sophos synchronized security in action @Netpluz CS Event Nov 2017
Sophos synchronized security in action @Netpluz CS Event Nov 2017Sophos synchronized security in action @Netpluz CS Event Nov 2017
Sophos synchronized security in action @Netpluz CS Event Nov 2017
 
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITYIDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)
 
A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?
 
Sophos
SophosSophos
Sophos
 
Synchronized Security Presentation
Synchronized Security PresentationSynchronized Security Presentation
Synchronized Security Presentation
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 
MT17_Building Integrated and Secure Networks with limited IT Support
MT17_Building Integrated and Secure Networks with limited IT SupportMT17_Building Integrated and Secure Networks with limited IT Support
MT17_Building Integrated and Secure Networks with limited IT Support
 
Post Wannacry Update
Post Wannacry UpdatePost Wannacry Update
Post Wannacry Update
 
Endpoint Security Pres.pptx
Endpoint Security Pres.pptxEndpoint Security Pres.pptx
Endpoint Security Pres.pptx
 
How Endpoint Security works ?
How Endpoint Security works ?How Endpoint Security works ?
How Endpoint Security works ?
 
Presentatie McAfee: Optimale Endpoint Protection 26062015
Presentatie McAfee: Optimale Endpoint Protection 26062015Presentatie McAfee: Optimale Endpoint Protection 26062015
Presentatie McAfee: Optimale Endpoint Protection 26062015
 
Top Tactics For Endpoint Security
Top Tactics For Endpoint SecurityTop Tactics For Endpoint Security
Top Tactics For Endpoint Security
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security Presentation
 
Redefining Endpoint Security
Redefining Endpoint SecurityRedefining Endpoint Security
Redefining Endpoint Security
 
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdf
 
It's Your Move: The Changing Game of Endpoint Security
It's Your Move: The Changing Game of Endpoint SecurityIt's Your Move: The Changing Game of Endpoint Security
It's Your Move: The Changing Game of Endpoint Security
 
MID_SIEM_Boubker_EN
MID_SIEM_Boubker_ENMID_SIEM_Boubker_EN
MID_SIEM_Boubker_EN
 

Más de Sophos Benelux

Sophos introduces the Threat Landscape
Sophos introduces the Threat LandscapeSophos introduces the Threat Landscape
Sophos introduces the Threat LandscapeSophos Benelux
 
Sophos Day Belgium - The IT Threat Landscape and what to look out for
Sophos Day Belgium - The IT Threat Landscape and what to look out forSophos Day Belgium - The IT Threat Landscape and what to look out for
Sophos Day Belgium - The IT Threat Landscape and what to look out forSophos Benelux
 
IT Security landscape and the latest threats and trends
IT Security landscape and the latest threats and trendsIT Security landscape and the latest threats and trends
IT Security landscape and the latest threats and trendsSophos Benelux
 
How to stay protected against ransomware
How to stay protected against ransomwareHow to stay protected against ransomware
How to stay protected against ransomwareSophos Benelux
 
SDN - a new security paradigm?
SDN - a new security paradigm?SDN - a new security paradigm?
SDN - a new security paradigm?Sophos Benelux
 
Balabit - Shell Control Box
Balabit - Shell Control BoxBalabit - Shell Control Box
Balabit - Shell Control BoxSophos Benelux
 
The EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationThe EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationSophos Benelux
 
Prevent million dollar fines - preparing for the EU General Data Regulation
Prevent million dollar fines - preparing for the EU General Data RegulationPrevent million dollar fines - preparing for the EU General Data Regulation
Prevent million dollar fines - preparing for the EU General Data RegulationSophos Benelux
 
Case Study Diagnostiek voor U
Case Study Diagnostiek voor UCase Study Diagnostiek voor U
Case Study Diagnostiek voor USophos Benelux
 
Introduction Sophos Day Netherlands
Introduction Sophos Day NetherlandsIntroduction Sophos Day Netherlands
Introduction Sophos Day NetherlandsSophos Benelux
 
The EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to knowThe EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to knowSophos Benelux
 

Más de Sophos Benelux (12)

Sophos introduces the Threat Landscape
Sophos introduces the Threat LandscapeSophos introduces the Threat Landscape
Sophos introduces the Threat Landscape
 
Sophos Day Belgium - The IT Threat Landscape and what to look out for
Sophos Day Belgium - The IT Threat Landscape and what to look out forSophos Day Belgium - The IT Threat Landscape and what to look out for
Sophos Day Belgium - The IT Threat Landscape and what to look out for
 
IT Security landscape and the latest threats and trends
IT Security landscape and the latest threats and trendsIT Security landscape and the latest threats and trends
IT Security landscape and the latest threats and trends
 
How to stay protected against ransomware
How to stay protected against ransomwareHow to stay protected against ransomware
How to stay protected against ransomware
 
Hacking Mobile Apps
Hacking Mobile AppsHacking Mobile Apps
Hacking Mobile Apps
 
SDN - a new security paradigm?
SDN - a new security paradigm?SDN - a new security paradigm?
SDN - a new security paradigm?
 
Balabit - Shell Control Box
Balabit - Shell Control BoxBalabit - Shell Control Box
Balabit - Shell Control Box
 
The EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationThe EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organization
 
Prevent million dollar fines - preparing for the EU General Data Regulation
Prevent million dollar fines - preparing for the EU General Data RegulationPrevent million dollar fines - preparing for the EU General Data Regulation
Prevent million dollar fines - preparing for the EU General Data Regulation
 
Case Study Diagnostiek voor U
Case Study Diagnostiek voor UCase Study Diagnostiek voor U
Case Study Diagnostiek voor U
 
Introduction Sophos Day Netherlands
Introduction Sophos Day NetherlandsIntroduction Sophos Day Netherlands
Introduction Sophos Day Netherlands
 
The EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to knowThe EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to know
 

Último

Philosophy of Education and Educational Philosophy
Philosophy of Education  and Educational PhilosophyPhilosophy of Education  and Educational Philosophy
Philosophy of Education and Educational PhilosophyShuvankar Madhu
 
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptxPISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptxEduSkills OECD
 
How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17Celine George
 
The Singapore Teaching Practice document
The Singapore Teaching Practice documentThe Singapore Teaching Practice document
The Singapore Teaching Practice documentXsasf Sfdfasd
 
AUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptxAUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptxiammrhaywood
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRATanmoy Mishra
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptxraviapr7
 
How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17Celine George
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfMohonDas
 
Presentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphPresentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphNetziValdelomar1
 
Human-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming ClassesHuman-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming ClassesMohammad Hassany
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxheathfieldcps1
 
Practical Research 1 Lesson 9 Scope and delimitation.pptx
Practical Research 1 Lesson 9 Scope and delimitation.pptxPractical Research 1 Lesson 9 Scope and delimitation.pptx
Practical Research 1 Lesson 9 Scope and delimitation.pptxKatherine Villaluna
 
CapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptxCapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptxCapitolTechU
 
M-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptxM-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptxDr. Santhosh Kumar. N
 
5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...CaraSkikne1
 
What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?TechSoup
 
UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024UKCGE
 
Quality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICEQuality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICESayali Powar
 
General views of Histopathology and step
General views of Histopathology and stepGeneral views of Histopathology and step
General views of Histopathology and stepobaje godwin sunday
 

Último (20)

Philosophy of Education and Educational Philosophy
Philosophy of Education  and Educational PhilosophyPhilosophy of Education  and Educational Philosophy
Philosophy of Education and Educational Philosophy
 
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptxPISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
 
How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17
 
The Singapore Teaching Practice document
The Singapore Teaching Practice documentThe Singapore Teaching Practice document
The Singapore Teaching Practice document
 
AUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptxAUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptx
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
 
How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdf
 
Presentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphPresentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a Paragraph
 
Human-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming ClassesHuman-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming Classes
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptx
 
Practical Research 1 Lesson 9 Scope and delimitation.pptx
Practical Research 1 Lesson 9 Scope and delimitation.pptxPractical Research 1 Lesson 9 Scope and delimitation.pptx
Practical Research 1 Lesson 9 Scope and delimitation.pptx
 
CapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptxCapTechU Doctoral Presentation -March 2024 slides.pptx
CapTechU Doctoral Presentation -March 2024 slides.pptx
 
M-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptxM-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptx
 
5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...
 
What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?
 
UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024
 
Quality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICEQuality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICE
 
General views of Histopathology and step
General views of Histopathology and stepGeneral views of Histopathology and step
General views of Histopathology and step
 

What's cooking at Sophos - an introduction to Synchronized Security

  • 1. 1 Vincent Vanbiervliet Product Manager Synchronized Security Revolutionizing Advanced Threat Protection
  • 2. 2 What we’re going to cover • What’s the problem? • It’s time for a security revolution • How it works • Synchronized Security 2015-2016 • Your path to synchronized Security
  • 5. 5 Increasing attacks, increasing sophistication Attack surface exponentially larger Laptops/Desktops Phones/Tablets Virtual servers/desktops Cloud servers/storage Threats more sophisticated Attacks are more coordinated than defenses
  • 7. 77 It’s time for a security revolution
  • 8. 8 Generations of security Point Products Anti-virus IPS Firewall Sandbox Layers Bundles Suites UTM EMM Synchronized Security Security Heartbeat™
  • 9. 9 Comprehensive protection • Prevent Malware • Detect Compromises • Remediate Threats • Investigate Issues • Encrypt Data MAC ANDROID WINDOWS iOS CORPORATE DATA WINDOWS PHONE LINUX Synchronized Security
  • 10. 10 Integration at a different level Synchronized Security Alternative • System-level intelligence • Automated correlation • Faster decision-making • Accelerated Threat Discovery • Automated Incident Response • Simple unified management • Resource intensive • Manual correlation • Dependent upon human analysis • Manual Threat/Incident response • Extra products • Endpoint/Network unaware of each other Management Enduser Network SIEM Endpoint Mgmt NW Mgmt Endpoint Network
  • 11. 11 Synchronized Security Security must be comprehensive The capabilities required to fully satisfy customer need Security can be made simple Platform, deployment, licensing, user experience Security is more effective as a system New possibilities through technology cooperation Synchronized Security Integrated, context-aware security where Enduser and Network technology share meaningful information to deliver better protection. SOPHOS LABS Sophos Cloud Next Gen Network Security Next Gen Enduser Security heartbeat
  • 13. 13 3 pillars of advanced threat protection By device identification reduces time taken to manually identify infected or at risk device or host by IP address alone Compromised endpoints are isolated by the firewall automatically, while the endpoint terminates and removes malicious software. Endpoint and network protection combine to identify unknown threats faster. Sophos Security Heartbeat™ pulses real- time information on suspicious behaviors Security Heartbeat™ Accelerated Threat Discovery Active Source Identification Automated Incident Response Faster, better decisions Quicker, easier investigation Reduced threat impact
  • 14. 14 System Initialization Registration NGEP & NGFW register with Sophos Cloud which sends certificate/sec info to both Connection Endpoints initiate connection to the trusted Firewall Validation Firewall and Endpoints check sec info sent to them by Cloud to verify they are valid SOPHOS LABS Sophos Cloud Next Gen Network Security Next Gen Enduser Security heartbeat Support of multiple locations Endpoints can establish connection to Firewalls at any customer’s location as the Sophos Cloud registry can be shared among all Galileo-enabled Firewalls
  • 15. 15 Accelerated Threat Discovery Security Heartbeat A few bytes of information are shared every 15 seconds from Endpoint to Network Events Upon discovery, security information like Malware, PUA is shared between Endpoints and Network Health Endpoint sends Red, Yellow, Green health status to Network SOPHOS LABS Sophos Cloud Next Gen Network Security Next Gen Enduser Security heartbeat VPN support Galileo supports endpoints connected within the local network as well as those connected via VPN as long as they are connecting to the Firewall.
  • 16. 16 Active Source Identification Security Heartbeat Positively identifying the machine. Associating the IP address with a particular Endpoint Advanced Attack If Network Firewall detects an advanced attack but can’t determine source, it requests details from endpoints Source Identification Endpoint sends details of machine name, user, process, and IP address SOPHOS LABS Sophos Cloud Next Gen Network Security Next Gen Enduser Security heartbeat
  • 17. 17 Automated Incident Response Green Endpoints have full access to internal applications and data as well as internet Yellow Affected endpoints can be isolated from internal/sensitive applications and data while maintaining access to internet Red Affected endpoints are isolated from the network and have no access to internal systems or external internet SOPHOS LABS Sophos Cloud Next Gen Network Security Next Gen Enduser Security heartbeat Defaults and customization There are no default policies based on health status so admins can customize responses as needed. We are developing a best practices guide to assist customers in recommended policy setup.
  • 19. 19 Comprehensive Next-Gen Endpoint SOPHOS SYSTEM PROTECTOR Application Tracking Threat Engine Application Control Reputation Emulator HIPS/ Runtime Protection Device Control Malicious Traffic Detection Web Protection IoC Collector Live Protection Security Heartbeat™
  • 20. 20 Comprehensive Next-Gen Network SOPHOS FIREWALL OPERATING SYSTEM Web Filtering Intrusion Prevention System Routing Email Security Security Heartbeat™ Selective Sandbox Application Control Data Loss Prevention ATP Detection Proxy Threat Engine Firewall
  • 21. 21 SOPHOS SYSTEM PROTECTOR Sophos Cloud Next Generation Threat Detection heartbeat SOPHOS FIREWALL OPERATING SYSTEM Application Tracking Threat Engine Application Control Reputation Emulator HIPS/ Runtime Protection Device Control Malicious Traffic Detection Web Protection IoC Collector Live Protection Security Heartbeat™ Web Filtering Intrusion Prevention System Routing Email Security Security Heartbeat™ Selective Sandbox Application Control Data Loss Prevention ATP Detection Proxy Threat Engine Isolate subnet and WAN access Block/remove malware Identify & clean other infected systems User | System | File Compromise Firewall
  • 23. 23 SOPHOS SYSTEM PROTECTOR Sophos Cloud Improved Threat Detection heartbeat SOPHOS FIREWALL OPERATING SYSTEM Application Tracking Threat Engine Application Control Reputation Emulator HIPS/ Runtime Protection Device Control Malicious Traffic Detection Web Protection IoC Collector Live Protection Security Heartbeat™ Web Filtering Intrusion Prevention System Routing Email Security Security Heartbeat™ Selective Sandbox Application Control Data Loss Prevention ATP Detection Proxy Threat Engine Lockdown local network access Remove file encryption keys Terminate/remove malware Identify & clean other infected systems User | System | File Compromise Firewall
  • 24. 24 SOPHOS SYSTEM PROTECTOR Sophos Cloud Automated Protection of Endpoints heartbeat SOPHOS FIREWALL OPERATING SYSTEM Application Tracking Threat Engine Application Control Reputation Emulator HIPS/ Runtime Protection Device Control Malicious Traffic Detection Web Protection IoC Collector Live Protection Security Heartbeat™ Web Filtering Intrusion Prevention System Routing Email Security Security Heartbeat™ Selective Sandbox Application Control Data Loss Prevention ATP Detection Proxy Threat Engine Discover unmanaged Endpoints Could it be managed? Self-service portal setup User authentication Distribute security profile Win | Mac | Mobile Endpoint Firewall
  • 25. 25 SOPHOS SYSTEM PROTECTOR Sophos Cloud Detect and Remediate Compromises heartbeat SOPHOS FIREWALL OPERATING SYSTEM Application Tracking Threat Engine Application Control Reputation Emulator HIPS/ Runtime Protection Device Control Malicious Traffic Detection Web Protection IoC Collector Live Protection Security Heartbeat™ Web Filtering Intrusion Prevention System Routing Email Security Security Heartbeat™ Selective Sandbox Application Control Data Loss Prevention ATP Detection Proxy Threat Engine Identify compromise Detect source Assess impact Block/remove malware Identify & clean other infected systems User | System | File Compromise Firewall
  • 27. 27 NEXT-GEN ENDUSER SECURITY NEXT-GEN NETWORK SECURITY SOPHOS UTM • NETWORK PROTECTION MODULE SOPHOS CLOUD ENDPOINT • CLOUD ENDUSER PROTECTION • CLOUD ENDPOINT ADVANCED Endpoint and Network working together • FULLGUARD LICENSE • TOTALPROTECT BUNDLE NEXT-GEN FIREWALL • NETWORK PROTECTION MODULE • NEXT-GENGUARD LICENSE • NEXT-GENPROTECT BUNDLE
  • 28. 28 Already using Sophos * Cloud Endpoint requires Sophos Cloud Endpoint Protection Advanced or Sophos Cloud Enduser Protection subscriptions
  • 30. 31 The Synchronized Security difference Sophos Competition Synchronized Security Point Products Simple Complex Comprehensive Incomplete Prevention, Detection, Investigation, Remediation, Encryption Prevention Enduser, Network, Server, Mobile, Web, Email, Encryption Endpoint or Network Automated Manual Block the known, unknown, advanced, coordinated attacks Partial Prevention
  • 31. 32 Revolutionizing advanced threat protection Synchronized Security Accelerated Threat Discovery Positive Source Identification Automated Incident Response Faster, better decisions Quicker, easier investigation Reduced threat impact
  • 32. 33© Sophos Ltd. All rights reserved.

Notas del editor

  1. Each product FW, AV, Dev control, App Control, Mobile – has a unique way of looking at the network. You are looking at it from a sideview, not a top-down 3D view. This is just the nature of the beast. FW just looks at the network. If it’s designed to let port 80 through, I craft my malware to use port 80. We’re left with competent products, but only a 2D view (un-integrated).
  2. Endpoint security used to be about stopping malware from infecting Windows PCs on the network. Now it has to evolve to not only prevent malware, but also detect machines that are already compromised and help remediate detected threats on a variety of workstation and mobile platforms. Endpoint security also has to include a focus on the data, ensuring it is encrypted and accessible only to authorized users regardless of where the data lives.
  3. NGFW notes if EP is sending Heartbeat (if it is, it is definitely managed) If not, NGFW characterizes EP by inspecting traffic (e.g. is it a Windows, MAC, printer, IP phone, mobile device etc) NGFW queries Cloud EP management to ask two questions   1) Could it be managed (true for Windows, MAC, mobile; false for printer, IP phone etc) ?   2) Is it managed already (to cover the case we don't support Heartbeat on that platform yet) ? If the device is one which could be managed but isn't, NGFW redirects device to a Self Service portal defined by Administrator to become managed NGFW restricts network traffic from that device to that portal to protect customer network. Also an incentive for device owner to make device compliant. Portal authenticates user (username / password) Portal will present device dependent information e.g. will contain installers for Cloud EP (Windows, MAC), registration page for mobiles etc. Portal can also contain security profile information for that customer e.g. certificates to be installed to access customers WiFi and network resources
  4. Alternative slide option to slide 28 in case you prefer this version.